Artwork

Content provided by N2K Networks, Inc. and N2K Networks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by N2K Networks, Inc. and N2K Networks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

Getting in and getting out with SnapMC. [Research Saturday]

17:21
 
Share
 

Manage episode 310228807 series 112238
Content provided by N2K Networks, Inc. and N2K Networks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by N2K Networks, Inc. and N2K Networks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Guest Christo Butcher of NCC Group's Research and Intelligence Fusion Team discusses their research into a cybercriminal group they dubbed SnapMC. Forget ransomware, too expensive and too much hassle. Randomly enter through a known vulnerability, take a look around, lock away data and leave again. And all that within half an hour: hit & run. An email is then sent to the affected organization: pay or else the stolen data will be published and/or sold.

This is the opportunistic approach of a new group of blackmailers who don't even bother to encrypt data. NCC Group has given them the name SnapMC: a combination of 'snap' (a sudden, sharp cracking sound or movement) and MC, from mc.exe, the primary tool they use to exfiltrate data. They have only seen SnapMC's attacks in the Netherlands for the time being. They do not target specific sectors and we have not (yet) been able to associate them with known attackers.

The research can be found here:

  continue reading

2858 episodes

Artwork
iconShare
 
Manage episode 310228807 series 112238
Content provided by N2K Networks, Inc. and N2K Networks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by N2K Networks, Inc. and N2K Networks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.

Guest Christo Butcher of NCC Group's Research and Intelligence Fusion Team discusses their research into a cybercriminal group they dubbed SnapMC. Forget ransomware, too expensive and too much hassle. Randomly enter through a known vulnerability, take a look around, lock away data and leave again. And all that within half an hour: hit & run. An email is then sent to the affected organization: pay or else the stolen data will be published and/or sold.

This is the opportunistic approach of a new group of blackmailers who don't even bother to encrypt data. NCC Group has given them the name SnapMC: a combination of 'snap' (a sudden, sharp cracking sound or movement) and MC, from mc.exe, the primary tool they use to exfiltrate data. They have only seen SnapMC's attacks in the Netherlands for the time being. They do not target specific sectors and we have not (yet) been able to associate them with known attackers.

The research can be found here:

  continue reading

2858 episodes

Tutti gli episodi

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide